yoti 1.4.0 → 1.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e50de3d515cbe593c45eee88ea0d684d0a1eafa59d0df31e4f52977f802a0773
-  data.tar.gz: 7e3aad79f573318e00328341abb2e162b8d438c232b488eb6bade1ac8b38151a
+  metadata.gz: 00ff1a296c371b2d5e94ccd5e0951963ff8cbcf9676717724369567e39ef1652
+  data.tar.gz: e80cb02c9f2cd4b9fdab9ac59de05aeee58cdc1066229a0bde35f4310052d562
 SHA512:
-  metadata.gz: 2c229fc49f7ca7bb4b3868395dd3e01742b08b6371eab0e9c8f085ac23e2c653260b6e06e5f858a59e596e8cec4b2d541f008ea391a0bec9e8388cd29f4bca8f
-  data.tar.gz: df7636a39d76928759337e949384c9e118a299da275f06aa47918819aa9012795bd6a494056b7bb49825dc920677c3e8db9385d339557436c4361f242cd87b0c
+  metadata.gz: 74652cb02c63be28c4296c47e073f756baf3836289cf71f646949a36d870716a7851dbe2c4c78f9fb3b771e08213d6035e1bb2508a0a4fbae340d1964d4754a5
+  data.tar.gz: '019dd78cc18bdfeb6bb2b852cd3ae8331062f4a5d7af312882aa143818af75ea7fc7e15e3dddf96d30c32b208c13a56327eeebc509415502a888442bd45e7b4b'

data/README.md

@@ -19,7 +19,7 @@ Welcome to the Yoti Ruby SDK. This repository contains the tools you need to qui
 ## An Architectural view
 
 To integrate your application with Yoti, your back-end must expose a GET endpoint that Yoti will use to forward tokens.
-The endpoint is configured in the [Yoti Dashboard](https://www.yoti.com/dashboard) where you create/update your application. To see an example of how this is configured, see the [Running the Examples](#running-the-examples) section.
+The endpoint is configured in the [Yoti Hub](https://hub.yoti.com) where you create/update your application. To see an example of how this is configured, see the [Running the Examples](#running-the-examples) section.
 
 The image below shows how your application back-end and Yoti integrate into the context of a Login flow.
 Yoti SDK carries out for you steps 6, 7, 8 and the profile decryption in step 9.
@@ -98,7 +98,7 @@ end
 
 Make sure the following environment variables can be accessed by your app:
 
-`YOTI_CLIENT_SDK_ID` - found on the Key settings page on your application dashboard
+`YOTI_CLIENT_SDK_ID` - found on the Key settings page on your Yoti Hub
 
 `YOTI_KEY_FILE_PATH` - the full path to your security key downloaded from the *Keys* settings page (e.g. /Users/developer/access-security.pem)
 
@@ -161,7 +161,7 @@ else
 end
 ```
 
-The `profile` object provides a set of attributes corresponding to user attributes. Whether the attributes are present or not depends on the settings you have applied to your app on Yoti Dashboard.
+The `profile` object provides a set of attributes corresponding to user attributes. Whether the attributes are present or not depends on the settings you have applied to your app on Yoti Hub.
 
 ### Handling Users
 
@@ -194,17 +194,19 @@ Where `your_user_search_function` is a piece of logic in your app that is suppos
 You can retrieve the sources and verifiers for each attribute as follows:
 
 ```ruby
-given_names_sources = profile.given_names.sources // list of anchors
-given_names_verifiers = profile.given_names.verifiers // list of anchors
+given_names_sources = profile.given_names.sources # list of anchors
+given_names_verifiers = profile.given_names.verifiers # list of anchors
+given_names_anchors = profile.given_names.anchors # list of anchors
 ```
 You can also retrieve further properties from these respective anchors in the following way:
 
 ```ruby
-// Retrieving properties of the first anchor
-value = given_names_sources[0].value // string
-sub_type = given_names_sources[0].sub_type // string
-time_stamp = given_names_sources[0].signed_time_stamp.time_stamp // DateTime object
-origin_server_certs = given_names_sources[0].origin_server_certs // list of X509 certificates
+# Retrieving properties of the first anchor
+type = given_names_sources[0].type # string
+value = given_names_sources[0].value # string
+sub_type = given_names_sources[0].sub_type # string
+time_stamp = given_names_sources[0].signed_time_stamp.time_stamp # DateTime object
+origin_server_certs = given_names_sources[0].origin_server_certs # list of X509 certificates
 ```
 
 In case you want to prove the sources and verifiers of the helper`ActivityDetails.age_verified` on `Age Over 18` set as age derivation, please retrieve it's original attribute from the profile as follow:
@@ -213,6 +215,7 @@ In case you want to prove the sources and verifiers of the helper`ActivityDetail
 age_attribute = profile.get_attribute('age_over:18')
 sources = age_attribute.sources
 verifiers = age_attribute.verifiers
+anchors = age_attribute.anchors
 ```
 
 ## AML Integration
@@ -225,11 +228,11 @@ Yoti will provide a boolean result on the following checks:
 * Fraud list - Verify against  US Social Security Administration Fraud (SSN Fraud) list
 * Watch list - Verify against watch lists from the Office of Foreign Assets Control
 
-To use this functionality you must ensure your application is assigned to your organisation in the Yoti Dashboard - please see [here](https://www.yoti.com/developers/documentation/#1-creating-an-organisation) for further information.
+To use this functionality you must ensure your application is assigned to your organisation in the Yoti Hub - please see [here](https://developers.yoti.com/yoti-app-integration/yoti-app-integration#step-1-creating-an-organisation) for further information.
 
 For the AML check you will need to provide the following:
 
-* Data provided by Yoti (please ensure you have selected the Given name(s) and Family name attributes from the Data tab in the Yoti Dashboard)
+* Data provided by Yoti (please ensure you have selected the Given name(s) and Family name attributes for your scenario on the Yoti Hub)
   * Given name(s)
   * Family name
 * Data that must be collected from the user:
@@ -266,7 +269,7 @@ The examples can be found in the [examples folder](examples).
 
 ### Ruby on Rails
 
-1. Create your application in the [Yoti Dashboard](https://www.yoti.com/dashboard/applications)
+1. Create your application in the [Yoti Hub](https://hub.yoti.com)
 1. Set the application domain of your app to `localhost:3000`
 1. Set the scenario callback URL to `/profile`
 1. Rename the [.env.example](examples/rails/.env.example) file to `.env` 
@@ -282,7 +285,7 @@ Visiting `https://localhost:3001/` should show a Yoti Connect button
 
 ### Sinatra
 
-1. Create your application in the [Yoti Dashboard](https://www.yoti.com/dashboard/applications)
+1. Create your application in the [Yoti Hub](https://hub.yoti.com)
 1. Set the application domain of your app to `localhost:4567`
 1. Set the scenario callback URL to `/profile`
 1. Rename the [.env.example](examples/sinatra/.env.example) file to `.env`
@@ -307,6 +310,8 @@ Visiting `https://localhost:4567/` should show a Yoti Connect button
 * Activity Details
   * [X] Remember Me ID `remember_me_id`
   * [X] Parent Remember Me ID `parent_remember_me_id`
+  * [X] Receipt ID `receipt_id`
+  * [X] Timestamp `timestamp`
   * [X] Base64 Selfie URI `base64_selfie_uri`
   * [X] Age verified `age_verified`
   * [X] Profile `profile`
@@ -318,8 +323,14 @@ Visiting `https://localhost:4567/` should show a Yoti Connect button
     * [X] Email Address `email_address`
     * [X] Age / Date of Birth `date_of_birth`
     * [X] Address `postal_address`
+    * [X] Structured Postal Address `structured_postal_address`
     * [X] Gender `gender`
     * [X] Nationality `nationality`
+  * [X] Application Profile `application_profile`
+    * [X] Name `name`
+    * [X] URL `url`
+    * [X] Logo `logo`
+    * [X] Receipt Background Color `receipt_bgcolor`
 
 ## Support
 

data/lib/yoti.rb

@@ -12,6 +12,8 @@ require_relative 'yoti/http/profile_request'
 require_relative 'yoti/http/request'
 
 require_relative 'yoti/data_type/anchor'
+require_relative 'yoti/data_type/base_profile'
+require_relative 'yoti/data_type/application_profile'
 require_relative 'yoti/data_type/profile'
 require_relative 'yoti/data_type/attribute'
 require_relative 'yoti/data_type/signed_time_stamp'

data/lib/yoti/activity_details.rb

@@ -1,69 +1,167 @@
 require 'net/http'
 
 module Yoti
-  # Encapsulates the user profile data
+  #
+  # Details of an activity between a user and the application.
+  #
   class ActivityDetails
-    # @return [String] the outcome of the profile request, eg: SUCCESS
+    #
+    # The outcome of the profile request, eg: SUCCESS
+    #
+    # @return [String]
+    #
     attr_reader :outcome
 
+    #
     # @deprecated replaced by :remember_me_id
-    # @return [String] the Yoti ID
+    #
+    # @return [String]
+    #
     attr_reader :user_id
 
-    # @return [String] the Remember Me ID
+    #
+    # Return the Remember Me ID, which is a unique, stable identifier for
+    # a user in the context of an application.
+    #
+    # You can use it to identify returning users. This value will be different
+    # for the same user in different applications.
+    #
+    # @return [String]
+    #
     attr_reader :remember_me_id
 
-    # @return [String] the Parent Remember Me ID
+    #
+    # Return the Parent Remember Me ID, which is a unique, stable identifier for a
+    # user in the context of an organisation.
+    #
+    # You can use it to identify returning users. This value is consistent for a
+    # given user across different applications belonging to a single organisation.
+    #
+    # @return [String]
+    #
     attr_reader :parent_remember_me_id
 
-    # @return [Hash] the decoded profile attributes
+    #
+    # The decoded profile attributes
+    #
+    # @deprecated replaced by :profile
+    #
+    # @return [Hash]
+    #
     attr_reader :user_profile
 
-    # @return [String] the selfie in base64 format
+    #
+    # Base64 encoded selfie image
+    #
+    # @return [String]
+    #
     attr_reader :base64_selfie_uri
 
-    # @return [Boolean] the age under/over attribute
+    #
+    # The age under/over attribute
+    #
+    # @return [Boolean]
+    #
     attr_reader :age_verified
 
+    #
+    # Receipt ID identifying a completed activity
+    #
+    # @return [String]
+    #
+    attr_reader :receipt_id
+
+    #
+    # Time and date of the sharing activity
+    #
+    # @return [Time]
+    #
+    attr_reader :timestamp
+
+    #
     # @param receipt [Hash] the receipt from the API request
     # @param decrypted_profile [Object] Protobuf AttributeList decrypted object containing the profile attributes
-    def initialize(receipt, decrypted_profile = nil)
+    #
+    def initialize(receipt, decrypted_profile = nil, decrypted_application_profile = nil)
       @remember_me_id = receipt['remember_me_id']
       @user_id = @remember_me_id
+      @receipt_id = receipt['receipt_id']
       @parent_remember_me_id = receipt['parent_remember_me_id']
       @outcome = receipt['sharing_outcome']
-      @user_profile = {}
-      @extended_profile = {}
-      process_decrypted_profile(decrypted_profile)
+      @timestamp = receipt['timestamp'] ? Time.parse(receipt['timestamp']) : nil
+      @extended_user_profile = process_decrypted_profile(decrypted_profile)
+      @extended_application_profile = process_decrypted_profile(decrypted_application_profile)
+      @user_profile = @extended_user_profile.map do |name, attribute|
+        [name, attribute.value]
+      end.to_h
     end
 
-    # @return [Hash] a JSON of the address
+    #
+    # The user's structured postal address as JSON
+    #
+    # @deprecated replaced by Profile.structured_postal_address
+    #
+    # @return [Hash]
+    #
     def structured_postal_address
-      @user_profile['structured_postal_address']
+      user_profile['structured_postal_address']
     end
 
-    # @return [Profile] of Yoti user
+    #
+    # The user profile with shared attributes and anchor information, returned
+    # by Yoti if the request was successful
+    #
+    # @return [Profile]
+    #
     def profile
-      Yoti::Profile.new(@extended_profile)
+      Yoti::Profile.new(@extended_user_profile)
+    end
+
+    #
+    # Profile of an application, with convenience methods to access well-known attributes
+    #
+    # @return [ApplicationProfile]
+    #
+    def application_profile
+      Yoti::ApplicationProfile.new(@extended_application_profile)
     end
 
     protected
 
+    #
+    # Process the decrypted profile into key-value hash
+    #
+    # @param [Yoti::Protobuf::Attrpubapi::AttributeList] decrypted_profile
+    #
+    # @return [Hash]
+    #
     def process_decrypted_profile(decrypted_profile)
-      return nil unless decrypted_profile.is_a?(Object)
-      return nil unless decrypted_profile.respond_to?(:attributes)
+      return {} unless decrypted_profile.is_a?(Object)
+      return {} unless decrypted_profile.respond_to?(:attributes)
 
+      profile_data = {}
       decrypted_profile.attributes.each do |attribute|
         begin
-          process_attribute(attribute)
+          profile_data[attribute.name] = process_attribute(attribute)
           process_age_verified(attribute)
         rescue StandardError => e
           Yoti::Log.logger.warn("#{e.message} (Attribute: #{attribute.name})")
         end
       end
+      profile_data
     end
 
+    #
+    # Converts protobuf attribute into Attribute
+    #
+    # @param [Yoti::Protobuf::Attrpubapi::Attribute] attribute
+    #
+    # @return [Attribute, nil]
+    #
     def process_attribute(attribute)
+      # Application Logo can be empty, return nil when this occurs.
+      return nil if attribute.name == Yoti::Attribute::APPLICATION_LOGO && attribute.value == ''
+
       attr_value = Yoti::Protobuf.value_based_on_content_type(attribute.value, attribute.content_type)
       attr_value = Yoti::Protobuf.value_based_on_attribute_name(attr_value, attribute.name)
 
@@ -74,10 +172,14 @@ module Yoti
       end
 
       anchors_list = Yoti::AnchorProcessor.new(attribute.anchors).process
-      @extended_profile[attribute.name] = Yoti::Attribute.new(attribute.name, attr_value, anchors_list['sources'], anchors_list['verifiers'])
-      @user_profile[attribute.name] = attr_value
+      Yoti::Attribute.new(attribute.name, attr_value, anchors_list['sources'], anchors_list['verifiers'], anchors_list)
     end
 
+    #
+    # Processes age verification
+    #
+    # @param [Yoti::Protobuf::Attrpubapi::Attribute] attribute
+    #
     def process_age_verified(attribute)
       @age_verified = attribute.value == 'true' if Yoti::AgeProcessor.is_age_verification(attribute.name)
     end

data/lib/yoti/client.rb

@@ -1,20 +1,24 @@
 module Yoti
+  #
   # Handles all the publicly accesible Yoti methods for
   # geting data using an encrypted connect token
+  #
   module Client
+    #
     # Performs all the steps required to get the decrypted profile from an API request
+    #
     # @param encrypted_connect_token [String] token provided as a base 64 string
+    #
     # @return [Object] an ActivityDetails instance encapsulating the user profile
+    #
     def self.get_activity_details(encrypted_connect_token)
       receipt = Yoti::ProfileRequest.new(encrypted_connect_token).receipt
-      encrypted_data = Protobuf.current_user(receipt)
+      user_profile = Protobuf.user_profile(receipt)
+      application_profile = Protobuf.application_profile(receipt)
 
-      return ActivityDetails.new(receipt) if encrypted_data.nil?
+      return ActivityDetails.new(receipt) if user_profile.nil?
 
-      unwrapped_key = Yoti::SSL.decrypt_token(receipt['wrapped_receipt_key'])
-      decrypted_data = Yoti::SSL.decipher(unwrapped_key, encrypted_data.iv, encrypted_data.cipher_text)
-      decrypted_profile = Protobuf.attribute_list(decrypted_data)
-      ActivityDetails.new(receipt, decrypted_profile)
+      ActivityDetails.new(receipt, user_profile, application_profile)
     end
 
     def self.aml_check(aml_profile)

data/lib/yoti/configuration.rb

@@ -3,6 +3,8 @@ module Yoti
     attr_accessor :client_sdk_id, :key_file_path, :key, :sdk_identifier,
                   :api_url, :api_port, :api_version
 
+    attr_writer :api_endpoint
+
     # Set config variables by using a configuration block
     def initialize
       @client_sdk_id = ''

data/lib/yoti/data_type/anchor.rb

@@ -1,13 +1,67 @@
 module Yoti
   # Encapsulates attribute anchor
   class Anchor
-    attr_reader :value, :sub_type, :signed_time_stamp, :origin_server_certs
+    #
+    # Gets the value of the given anchor.
+    #
+    # Among possible options for SOURCE are "USER_PROVIDED", "PASSPORT",
+    # "DRIVING_LICENCE", "NATIONAL_ID" and "PASSCARD".
+    #
+    # Among possible options for VERIFIER are "YOTI_ADMIN", "YOTI_IDENTITY",
+    # "YOTI_OTP", "PASSPORT_NFC_SIGNATURE", "ISSUING_AUTHORITY" and
+    # "ISSUING_AUTHORITY_PKI".
+    #
+    # @return [String]
+    #
+    attr_reader :value
 
-    def initialize(value, sub_type, signed_time_stamp, origin_server_certs)
+    #
+    # SubType is an indicator of any specific processing method, or subcategory,
+    # pertaining to an artifact.
+    #
+    # Examples:
+    # - For a passport, this would be either "NFC" or "OCR".
+    # - For a national ID, this could be "AADHAAR".
+    #
+    # @return [String]
+    #
+    attr_reader :sub_type
+
+    #
+    # Timestamp applied at the time of Anchor creation.
+    #
+    # @return [Yoti::SignedTimeStamp]
+    #
+    attr_reader :signed_time_stamp
+
+    #
+    # Certificate chain generated when this Anchor was created (attribute value was
+    # sourced or verified). Securely encodes the Anchor type and value.
+    #
+    # @return [Array<OpenSSL::X509::Certificate>]
+    #
+    attr_reader :origin_server_certs
+
+    #
+    # Gets the type of the given anchor.
+    #
+    # @return [String]
+    #
+    attr_reader :type
+
+    #
+    # @param [String] value
+    # @param [String] sub_type
+    # @param [Yoti::SignedTimeStamp] signed_time_stamp
+    # @param [Array<OpenSSL::X509::Certificate>] origin_server_certs
+    # @param [String] type
+    #
+    def initialize(value, sub_type, signed_time_stamp, origin_server_certs, type = nil)
       @value = value
       @sub_type = sub_type
       @signed_time_stamp = signed_time_stamp
       @origin_server_certs = origin_server_certs
+      @type = type
     end
   end
 end

data/lib/yoti/data_type/application_profile.rb

@@ -0,0 +1,43 @@
+module Yoti
+  #
+  # Profile of an application with convenience methods to access well-known attributes.
+  #
+  class ApplicationProfile < BaseProfile
+    #
+    # The name of the application.
+    #
+    # @return [Attribute, nil]
+    #
+    def name
+      get_attribute(Yoti::Attribute::APPLICATION_NAME)
+    end
+
+    #
+    # The URL where the application is available at.
+    #
+    # @return [Attribute, nil]
+    #
+    def url
+      get_attribute(Yoti::Attribute::APPLICATION_URL)
+    end
+
+    #
+    # The logo of the application that will be displayed to users that perform a share with it.
+    #
+    # @return [Attribute, nil]
+    #
+    def logo
+      get_attribute(Yoti::Attribute::APPLICATION_LOGO)
+    end
+
+    #
+    # The background color that will be displayed on each receipt the user gets, as a result
+    # of a share with the application.
+    #
+    # @return [Attribute, nil]
+    #
+    def receipt_bgcolor
+      get_attribute(Yoti::Attribute::APPLICATION_RECEIPT_BGCOLOR)
+    end
+  end
+end

data/lib/yoti/data_type/attribute.rb

@@ -1,5 +1,13 @@
 module Yoti
-  # Encapsulates profile attribute
+  #
+  # A class to represent a Yoti attribute.
+  #
+  # A Yoti attribute consists of the attribute name, an associated
+  # attribute value, and a list of Anchors from Yoti.
+  #
+  # It may hold one or more anchors, which specify how an attribute has been provided
+  # and how it has been verified within the Yoti platform.
+  #
   class Attribute
     FAMILY_NAME = 'family_name'
     GIVEN_NAMES = 'given_names'
@@ -13,14 +21,79 @@ module Yoti
     POSTAL_ADDRESS = 'postal_address'
     STRUCTURED_POSTAL_ADDRESS = 'structured_postal_address'
     DOCUMENT_IMAGES = 'document_images'
+    APPLICATION_NAME = 'application_name'
+    APPLICATION_LOGO = 'application_logo'
+    APPLICATION_URL = 'application_url'
+    APPLICATION_RECEIPT_BGCOLOR = 'application_receipt_bgcolor'
 
-    attr_reader :name, :value, :sources, :verifiers
+    #
+    # Gets the name of the attribute.
+    #
+    # @return [String]
+    #
+    attr_reader :name
 
-    def initialize(name, value, sources, verifiers)
+    #
+    # Retrieves the value of an attribute. If this is null, the default value for
+    # the type is returned.
+    #
+    # @return [String]
+    #
+    attr_reader :value
+
+    #
+    # Sources are a subset of the anchors associated with an attribute, where the
+    # anchor type is SOURCE.
+    #
+    # @return [Array<Yoti::Anchor>]
+    #
+    attr_reader :sources
+
+    #
+    # Verifiers are a subset of the anchors associated with an attribute, where the
+    # anchor type is VERIFIER.
+    #
+    # @return [Array<Yoti::Anchor>]
+    #
+    attr_reader :verifiers
+
+    #
+    # Get the anchors for an attribute. If an attribute has only one SOURCE
+    # Anchor with the value set to "USER_PROVIDED" and zero VERIFIER Anchors,
+    # then the attribute is a self-certified one.
+    #
+    # @return [Array<Yoti::Anchor>]
+    #
+    attr_reader :anchors
+
+    #
+    # @param [String] name
+    # @param [String] value
+    # @param [Array<Yoti::Anchor>] sources
+    # @param [Array<Yoti::Anchor>] verifiers
+    # @param [Hash<String => Array>] anchors_list
+    #
+    def initialize(name, value, sources, verifiers, anchors_list = {})
       @name = name
       @value = value
       @sources = sources
       @verifiers = verifiers
+      @anchors = process_anchors_list(anchors_list)
+    end
+
+    private
+
+    #
+    # Flattens anchor lists into single array.
+    #
+    # @param [Hash<String => Array>] anchors_list
+    #
+    # @return [Array<Yoti::Anchor>] <description>
+    #
+    def process_anchors_list(anchors_list)
+      anchors = []
+      anchors_list.each { |_type, list| anchors += list }
+      anchors
     end
   end
 end

data/lib/yoti/data_type/base_profile.rb

@@ -0,0 +1,33 @@
+module Yoti
+  #
+  # Encapsulates Yoti user profile
+  #
+  class BaseProfile
+    #
+    # Return all attributes for the profile.
+    #
+    # @return [Hash{String => Yoti::Attribute}]
+    #
+    attr_reader :attributes
+
+    #
+    # @param [Hash{String => Yoti::Attribute}] profile_data
+    #
+    def initialize(profile_data)
+      @attributes = profile_data.is_a?(Object) ? profile_data : {}
+    end
+
+    #
+    # Get attribute value by name.
+    #
+    # @param [String] attr_name
+    #
+    # @return [Attribute, nil]
+    #
+    def get_attribute(attr_name)
+      return nil unless @attributes.key? attr_name
+
+      @attributes[attr_name]
+    end
+  end
+end

data/lib/yoti/data_type/profile.rb

@@ -1,51 +1,105 @@
 module Yoti
+  #
   # Encapsulates Yoti user profile
-  class Profile
-    def initialize(profile_data)
-      profile_data = {} unless profile_data.is_a? Object
-      @profile_data = profile_data
-    end
-
+  #
+  class Profile < BaseProfile
+    #
+    # Selfie is a photograph of the user.
+    #
+    # @return [Attribute, nil]
+    #
     def selfie
       get_attribute(Yoti::Attribute::SELFIE)
     end
 
+    #
+    # Corresponds to primary name in passport, and surname in English.
+    #
+    # @return [Attribute, nil]
+    #
     def family_name
       get_attribute(Yoti::Attribute::FAMILY_NAME)
     end
 
+    #
+    # Corresponds to secondary names in passport, and first/middle names in English.
+    #
+    # @return [Attribute, nil]
+    #
     def given_names
       get_attribute(Yoti::Attribute::GIVEN_NAMES)
     end
 
+    #
+    # The user's full name.
+    #
+    # @return [Attribute, nil]
+    #
     def full_name
       get_attribute(Yoti::Attribute::FULL_NAME)
     end
 
+    #
+    # The user's phone number, as verified at registration time. This will be a number with + for
+    # international prefix and no spaces, e.g. "+447777123456".
+    #
+    # @return [Attribute, nil]
+    #
     def phone_number
       get_attribute(Yoti::Attribute::PHONE_NUMBER)
     end
 
+    #
+    # The user's verified email address.
+    #
+    # @return [Attribute, nil]
+    #
     def email_address
       get_attribute(Yoti::Attribute::EMAIL_ADDRESS)
     end
 
+    #
+    # Date of birth.
+    #
+    # @return [Attribute, nil]
+    #
     def date_of_birth
       get_attribute(Yoti::Attribute::DATE_OF_BIRTH)
     end
 
+    #
+    # Corresponds to the gender in the passport; will be one of the strings
+    # "MALE", "FEMALE", "TRANSGENDER" or "OTHER".
+    #
+    # @return [Attribute, nil]
+    #
     def gender
       get_attribute(Yoti::Attribute::GENDER)
     end
 
+    #
+    # Corresponds to the nationality in the passport.
+    #
+    # @return [Attribute, nil]
+    #
     def nationality
       get_attribute(Yoti::Attribute::NATIONALITY)
     end
 
+    #
+    # Document images.
+    #
+    # @return [Attribute, nil]
+    #
     def document_images
       get_attribute(Yoti::Attribute::DOCUMENT_IMAGES)
     end
 
+    #
+    # The user's postal address as a String.
+    #
+    # @return [Attribute, nil]
+    #
     def postal_address
       postal_address = get_attribute(Yoti::Attribute::POSTAL_ADDRESS)
       return postal_address unless postal_address.nil?
@@ -53,19 +107,22 @@ module Yoti
       attribute_from_formatted_address
     end
 
+    #
+    # The user's structured postal address as a JSON.
+    #
+    # @return [Attribute, nil]
+    #
     def structured_postal_address
       get_attribute(Yoti::Attribute::STRUCTURED_POSTAL_ADDRESS)
     end
 
-    # @return attribute value by name
-    def get_attribute(attr_name)
-      return nil unless @profile_data.key? attr_name
-
-      @profile_data[attr_name]
-    end
-
     protected
 
+    #
+    # Creates attribute from formatted address.
+    #
+    # @return [Attribute, nil]
+    #
     def attribute_from_formatted_address
       return nil if structured_postal_address.nil?
       return nil unless structured_postal_address.value.key?('formatted_address')

data/lib/yoti/http/signed_request.rb

@@ -14,6 +14,7 @@ module Yoti
       @http_req['X-Yoti-Auth-Key'] = @auth_key
       @http_req['X-Yoti-Auth-Digest'] = message_signature
       @http_req['X-Yoti-SDK'] = Yoti.configuration.sdk_identifier
+      @http_req['X-Yoti-SDK-Version'] = "#{Yoti.configuration.sdk_identifier}-#{Yoti::VERSION}"
       @http_req['Content-Type'] = 'application/json'
       @http_req['Accept'] = 'application/json'
       @http_req

data/lib/yoti/protobuf/main.rb

@@ -19,12 +19,25 @@ module Yoti
       CT_MULTI_VALUE = :MULTI_VALUE # multi value
       CT_INT = :INT # integer
 
+      #
+      # @deprecated replaced by user_profile
+      #
       def current_user(receipt)
         return nil unless valid_receipt?(receipt)
 
-        profile_content = receipt['other_party_profile_content']
-        decoded_profile_content = Base64.decode64(profile_content)
-        Yoti::Protobuf::Compubapi::EncryptedData.decode(decoded_profile_content)
+        decode_profile(receipt['other_party_profile_content'])
+      end
+
+      def user_profile(receipt)
+        return nil unless valid_receipt?(receipt)
+
+        decipher_profile(receipt['other_party_profile_content'], receipt['wrapped_receipt_key'])
+      end
+
+      def application_profile(receipt)
+        return nil unless valid_receipt?(receipt)
+
+        decipher_profile(receipt['profile_content'], receipt['wrapped_receipt_key'])
       end
 
       def attribute_list(data)
@@ -80,6 +93,18 @@ module Yoti
           !receipt['other_party_profile_content'].nil? &&
           receipt['other_party_profile_content'] != ''
       end
+
+      def decode_profile(profile_content)
+        decoded_profile_content = Base64.decode64(profile_content)
+        Yoti::Protobuf::Compubapi::EncryptedData.decode(decoded_profile_content)
+      end
+
+      def decipher_profile(profile_content, wrapped_key)
+        encrypted_data = decode_profile(profile_content)
+        unwrapped_key = Yoti::SSL.decrypt_token(wrapped_key)
+        decrypted_data = Yoti::SSL.decipher(unwrapped_key, encrypted_data.iv, encrypted_data.cipher_text)
+        Protobuf.attribute_list(decrypted_data)
+      end
     end
   end
 end

data/lib/yoti/util/anchor_processor.rb

@@ -2,58 +2,95 @@ require 'openssl'
 require 'date'
 
 module Yoti
+  #
   # Parse attribute anchors
+  #
   class AnchorProcessor
+    #
+    # @param [Array<Yoti::Protobuf::Attrpubapi::Anchor>]
+    #
     def initialize(anchors_list)
       @anchors_list = anchors_list
       @get_next = false
     end
 
+    #
+    # Extract matching Attribute Anchors from list.
+    #
+    # @return [Array<Yoti::Anchor>]
+    #
     def process
-      result_data = { 'sources' => [], 'verifiers' => [] }
-      anchor_types = self.anchor_types
+      result_data = ANCHOR_LIST_KEYS.map { |key, _value| [key, []] }.to_h
 
       @anchors_list.each do |anchor|
         x509_certs_list = convert_certs_list_to_X509(anchor.origin_server_certs)
-        yoti_signed_time_stamp = process_signed_time_stamp(anchor.signed_time_stamp)
-
-        anchor.origin_server_certs.each do |cert|
-          anchor_types.each do |type, oid|
-            yoti_anchor = get_anchor_by_oid(cert, oid, anchor.sub_type, yoti_signed_time_stamp, x509_certs_list)
-            result_data[type].push(yoti_anchor) unless yoti_anchor.nil?
-          end
-        end
+        signed_time_stamp = process_signed_time_stamp(anchor.signed_time_stamp)
+        yoti_anchor = get_anchor_from_certs(x509_certs_list, anchor.sub_type, signed_time_stamp)
+        anchor_list_key = get_anchor_list_key_by_type(yoti_anchor.type)
+        result_data[anchor_list_key].push(yoti_anchor)
       end
 
       result_data
     end
 
+    #
+    # Convert certificate list to a list of X509 certificates.
+    #
+    # @param [Google::Protobuf::RepeatedField] certs_list
+    #
+    # @return [Array<OpenSSL::X509::Certificate>]
+    #
     def convert_certs_list_to_X509(certs_list)
       x509_certs_list = []
       certs_list.each do |cert|
-        x509_cert = OpenSSL::X509::Certificate.new cert
-        x509_certs_list.push x509_cert
+        x509_certs_list.push OpenSSL::X509::Certificate.new(cert)
       end
-
       x509_certs_list
     end
 
+    #
+    # Return signed timestamp.
+    #
+    # @param [String] signed_time_stamp_binary
+    #
+    # @return [Yoti::SignedTimeStamp]
+    #
     def process_signed_time_stamp(signed_time_stamp_binary)
       signed_time_stamp = Yoti::Protobuf::Compubapi::SignedTimestamp.decode(signed_time_stamp_binary)
-      time_in_sec = signed_time_stamp.timestamp / 1000000
-      date_time = Time.parse(Time.at(time_in_sec).to_s)
-      Yoti::SignedTimeStamp.new(signed_time_stamp.version, date_time)
+      time_in_sec = signed_time_stamp.timestamp.quo(1000000)
+      Yoti::SignedTimeStamp.new(signed_time_stamp.version, Time.at(time_in_sec))
     end
 
+    #
+    # Return Anchor for provided oid.
+    #
+    # @deprecated no longer in use
+    #
+    # @param [OpenSSL::X509::Certificate] cert
+    # @param [String] oid
+    # @param [String] sub_type
+    # @param [Yoti::SignedTimeStamp] signed_time_stamp
+    # @param [Array<OpenSSL::X509::Certificate>] x509_certs_list
+    #
+    # @return [Yoti::Anchor, nil]
+    #
     def get_anchor_by_oid(cert, oid, sub_type, signed_time_stamp, x509_certs_list)
       asn1_obj = OpenSSL::ASN1.decode(cert)
       anchor_value = get_anchor_value_by_oid(asn1_obj, oid)
 
-      return nil if anchor_value.nil?
-
-      Yoti::Anchor.new(anchor_value, sub_type, signed_time_stamp, x509_certs_list)
+      Yoti::Anchor.new(anchor_value, sub_type, signed_time_stamp, x509_certs_list) unless anchor_value.nil?
     end
 
+    #
+    # Return Anchor value for provided oid.
+    #
+    # @deprecated no longer in use
+    #
+    # @param [OpenSSL::ASN1::Sequence, OpenSSL::ASN1::ASN1Data, Array] obj
+    # @param [String] oid
+    #
+    # @return [String, nil]
+    #
     def get_anchor_value_by_oid(obj, oid)
       case obj
       when OpenSSL::ASN1::Sequence, Array
@@ -66,19 +103,37 @@ module Yoti
       nil
     end
 
+    #
+    # Return Anchor value for ASN1 data.
+    #
+    # @deprecated no longer in use
+    #
+    # @param [OpenSSL::ASN1::ASN1Data] value
+    # @param [String] oid
+    #
+    # @return [String, nil]
+    #
     def get_anchor_value_by_asn1_data(value, oid)
       if value.respond_to?(:to_s) && value == oid
         @get_next = true
       elsif value.respond_to?(:to_s) && @get_next
-        raw_value = OpenSSL::ASN1.decode(value)
-        anchor_value = raw_value.value[0].value
         @get_next = false
-        return anchor_value
+        return OpenSSL::ASN1.decode(value).value[0].value
       end
 
       get_anchor_value_by_oid(value, oid)
     end
 
+    #
+    # Return Anchor value for ASN1 sequence.
+    #
+    # @deprecated no longer in use
+    #
+    # @param [OpenSSL::ASN1::Sequence, Array] obj
+    # @param [String] oid
+    #
+    # @return [String, nil]
+    #
     def get_anchor_value_by_asn1_sequence(obj, oid)
       obj.each do |child_obj|
         result = get_anchor_value_by_oid(child_obj, oid)
@@ -87,15 +142,126 @@ module Yoti
       nil
     end
 
+    #
+    # Mapping of anchor types to oid.
+    #
+    # @deprecated no longer in use
+    #
+    # @return [Hash]
+    #
     def anchor_types
-      { 'sources' => '1.3.6.1.4.1.47127.1.1.1',
-        'verifiers' => '1.3.6.1.4.1.47127.1.1.2' }
+      ANCHOR_LIST_KEYS
     end
 
     protected
 
+    #
     # Define whether the search function get_anchor_value_by_oid
     # should return the next value in the array
+    #
+    # @deprecated no longer in use
+    #
+    # @return [Boolean]
+    #
     attr_reader :get_next
+
+    private
+
+    #
+    # Mapping of anchor types.
+    #
+    ANCHOR_TYPES = {
+      'SOURCE' => '1.3.6.1.4.1.47127.1.1.1',
+      'VERIFIER' => '1.3.6.1.4.1.47127.1.1.2',
+      'UNKNOWN' => ''
+    }.freeze
+
+    #
+    # Mapping of anchor list keys.
+    #
+    ANCHOR_LIST_KEYS = {
+      'sources' => ANCHOR_TYPES['SOURCE'],
+      'verifiers' => ANCHOR_TYPES['VERIFIER'],
+      'unknown' => ANCHOR_TYPES['UNKNOWN']
+    }.freeze
+
+    #
+    # Get anchor type by oid.
+    #
+    # @param [String] oid
+    #
+    def get_anchor_type_by_oid(oid)
+      ANCHOR_TYPES.find { |_key, value| value == oid }.first
+    end
+
+    #
+    # Get anchor list key by type.
+    #
+    # @param [String] type
+    #
+    def get_anchor_list_key_by_type(type)
+      ANCHOR_LIST_KEYS.find { |_key, value| value == ANCHOR_TYPES[type] }.first
+    end
+
+    #
+    # Get anchor from provided certificate list.
+    #
+    # @param [Array<OpenSSL::X509::Certificate>] x509_certs_list
+    # @param [String] sub_type
+    # @param [Yoti::SignedTimeStamp] signed_time_stamp
+    #
+    # @return [Yoti::Anchor]
+    #
+    def get_anchor_from_certs(x509_certs_list, sub_type, signed_time_stamp)
+      x509_certs_list.each do |cert|
+        ANCHOR_TYPES.each do |_type, oid|
+          anchor_extension = get_extension_by_oid(cert, oid)
+          next if anchor_extension.nil?
+
+          return Yoti::Anchor.new(
+            get_anchor_value(anchor_extension),
+            sub_type,
+            signed_time_stamp,
+            x509_certs_list,
+            get_anchor_type_by_oid(oid)
+          )
+        end
+      end
+      Yoti::Anchor.new('', sub_type, signed_time_stamp, x509_certs_list, 'UNKNOWN')
+    end
+
+    #
+    # Get extension for provided oid.
+    #
+    # @param [OpenSSL::X509::Certificate] cert
+    # @param [String] oid
+    #
+    # @return [OpenSSL::X509::Extension]
+    #
+    def get_extension_by_oid(cert, oid)
+      cert.extensions.each do |extension|
+        return extension if extension.oid == oid
+      end
+      nil
+    end
+
+    #
+    # Return Anchor value.
+    #
+    # @param [OpenSSL::X509::Extension] anchor_extension
+    #
+    # @return [String, nil]
+    #
+    def get_anchor_value(anchor_extension)
+      decoded_extension = OpenSSL::ASN1.decode(anchor_extension)
+      extension_value = decoded_extension.value[1] if decoded_extension.value.is_a?(Array)
+      extension_value_item = extension_value.value if extension_value.is_a?(OpenSSL::ASN1::OctetString)
+      if extension_value_item.is_a?(String)
+        decoded = OpenSSL::ASN1.decode(extension_value_item)
+        return decoded.value[0].value if decoded.value[0].is_a?(OpenSSL::ASN1::ASN1Data)
+      end
+
+      nil
+    end
   end
 end

data/lib/yoti/version.rb

@@ -1,4 +1,4 @@
 module Yoti
   # @return [String] the gem's current version
-  VERSION = '1.4.0'.freeze
+  VERSION = '1.5.0'.freeze
 end

data/rubocop.yml

@@ -20,6 +20,9 @@ Metrics/BlockLength:
 Metrics/CyclomaticComplexity:
   Max: 9
 
+Metrics/ClassLength:
+  Max: 115
+
 Metrics/LineLength:
   Enabled: false
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: yoti
 version: !ruby/object:Gem::Version
-  version: 1.4.0
+  version: 1.5.0
 platform: ruby
 authors:
 - Sebastian Zaremba
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-04-15 00:00:00.000000000 Z
+date: 2019-08-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: google-protobuf
@@ -189,7 +189,9 @@ files:
 - lib/yoti/client.rb
 - lib/yoti/configuration.rb
 - lib/yoti/data_type/anchor.rb
+- lib/yoti/data_type/application_profile.rb
 - lib/yoti/data_type/attribute.rb
+- lib/yoti/data_type/base_profile.rb
 - lib/yoti/data_type/image.rb
 - lib/yoti/data_type/image_jpeg.rb
 - lib/yoti/data_type/image_png.rb
@@ -238,7 +240,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
+rubyforge_project: 
+rubygems_version: 2.7.9
 signing_key: 
 specification_version: 4
 summary: Yoti Ruby SDK for back-end integration.